- 14 7月, 2009 1 次提交
-
-
由 Herbert Xu 提交于
This patch adds a mask parameter to complement the existing type parameter. This is useful when instantiating algorithms that require a mask other than the default, e.g., ahash algorithms. Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
- 19 6月, 2009 2 次提交
-
-
由 Herbert Xu 提交于
We should return 0/-ENOENT instead of 1/0 when testing by name. Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Steffen Klassert 提交于
This adds the 'alg' module parameter to be able to test an algorithm by name. If the algorithm type is not ad-hoc clear for a algorithm (e.g. pcrypt, cryptd) it is possilbe to set the algorithm type with the 'type' module parameter. Signed-off-by: NSteffen Klassert <steffen.klassert@secunet.com> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
- 02 6月, 2009 5 次提交
-
-
由 Jarod Wilson 提交于
At present, the tcrypt module always exits with an -EAGAIN upon successfully completing all the tests its been asked to run. In fips mode, integrity checking is done by running all self-tests from the initrd, and its much simpler to check the ret from modprobe for success than to scrape dmesg and/or /proc/crypto. Simply stay loaded, giving modprobe a retval of 0, if self-tests all pass and we're in fips mode. A side-effect of tracking success/failure for fips mode is that in non-fips mode, self-test failures will return the actual failure return codes, rather than always returning -EAGAIN, which seems more correct anyway. The tcrypt_test() portion of the patch is dependent on my earlier pair of patches that skip non-fips algs in fips mode, at least to achieve the fully intended behavior. Nb: testing this patch against the cryptodev tree revealed a test failure for sha384, which I have yet to look into... Signed-off-by: NJarod Wilson <jarod@redhat.com> Acked-by: NNeil Horman <nhorman@tuxdriver.com> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Jarod Wilson 提交于
Now with multi-block test vectors, all from SP800-38A, Appendix F.5. Also added ctr(aes) to case 10 in tcrypt. Signed-off-by: NJarod Wilson <jarod@redhat.com> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Jarod Wilson 提交于
Add ANSI X9.31 Continuous Pseudo-Random Number Generator (AES mode), aka 'ansi_cprng' test vectors, taken from Appendix B.2.9 and B.2.10 of the NIST RNGVS document, found here: http://csrc.nist.gov/groups/STM/cavp/documents/rng/RNGVS.pdf Successfully tested against both the cryptodev-2.6 tree and a Red Hat Enterprise Linux 5.4 kernel, via 'modprobe tcrypt mode=150'. The selection of 150 was semi-arbitrary, didn't seem like it should go any place in particular, so I started a new range for rng tests. Signed-off-by: NJarod Wilson <jarod@redhat.com> Acked-by: NNeil Horman <nhorman@tuxdriver.com> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Jarod Wilson 提交于
Add an array of encryption and decryption + verification self-tests for rfc4309(ccm(aes)). Test vectors all come from sample FIPS CAVS files provided to Red Hat by a testing lab. Unfortunately, all the published sample vectors in RFC 3610 and NIST Special Publication 800-38C contain nonce lengths that the kernel's rfc4309 implementation doesn't support, so while using some public domain vectors would have been preferred, its not possible at this time. Signed-off-by: NJarod Wilson <jarod@redhat.com> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Frank Seidel 提交于
Applying kernel janitors todos (printk calls need KERN_* constants on linebeginnings, reduce stack footprint where possible) to tcrypts test_hash_speed (where stacks memory footprint was very high (on i386 1184 bytes to 160 now). Signed-off-by: NFrank Seidel <frank@f-seidel.de> Acked-by: NNeil Horman <nhorman@tuxdriver.com> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
- 04 3月, 2009 1 次提交
-
-
由 Geert Uytterhoeven 提交于
Signed-off-by: NGeert Uytterhoeven <Geert.Uytterhoeven@sonycom.com> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
- 29 8月, 2008 4 次提交
-
-
由 Herbert Xu 提交于
This patch moves the newly created alg_test infrastructure into cryptomgr. This shall allow us to use it for testing at algorithm registrations. Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Herbert Xu 提交于
This patch creates a new interface algorithm testing. A test can be requested for a particular implementation of an algorithm. This is achieved by taking both the name of the algorithm and that of the implementation. The all-inclusive test has also been rewritten to no longer require a duplicate listing of all algorithms with tests. In that process a number of missing tests have also been discovered and rectified. Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Herbert Xu 提交于
The info printed is a complete waste of space when there is no error since it doesn't tell us anything that we don't already know. If there is an error, we can also be more verbose. In case that there is an error, this patch also aborts the test and returns the error to the caller. In future this will be used to algorithms at registration time. Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Herbert Xu 提交于
If tcrypt is to be used as a run-time integrity test, it needs to be more resilient in a hostile environment. For a start allocating 32K of physically contiguous memory is definitely out. This patch teaches it to use separate pages instead. Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
- 13 8月, 2008 1 次提交
-
-
由 Herbert Xu 提交于
My changeset 4b22f0dd crypto: tcrpyt - Remove unnecessary kmap/kunmap calls introduced a typo that broke AEAD chunk testing. In particular, axbuf should really be xbuf. There is also an issue with testing the last segment when encrypting. The additional part produced by AEAD wasn't tested. Similarly, on decryption the additional part of the AEAD input is mistaken for corruption. Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
- 10 7月, 2008 8 次提交
-
-
由 Herbert Xu 提交于
All new crypto interfaces should go into individual files as much as possible in order to ensure that crypto.h does not collapse under its own weight. This patch moves the ahash code into crypto/hash.h and crypto/internal/hash.h respectively. Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Herbert Xu 提交于
Noticed by Neil Horman: we are doing unnecessary kmap/kunmap calls on kmalloced memory. This patch removes them. For the purposes of testing SG construction, the underlying crypto code already does plenty of kmap/kunmap calls anyway. Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Neil Horman 提交于
Patch to add checking of DES3 test vectors using CBC mode. FIPS-140-2 compliance mandates that any supported mode of operation must include a self test. This satisfies that requirement for cbc(des3_ede). The included test vector was generated by me using openssl. Key/IV was generated with the following command: openssl enc -des_ede_cbc -P input and output values were generated by repeating the string "Too many secrets" a few times over, truncating it to 128 bytes, and encrypting it with openssl using the aformentioned key. Tested successfully by myself Signed-off-by: NNeil Horman <nhorman@tuxdriver.com> Acked-by: NAdrian-Ken Rueegsegger <rueegsegger@swiss-it.ch> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Loc Ho 提交于
This patch changes tcrypt to use the new asynchronous hash interface for testing hash algorithm correctness. The speed tests will continue to use the existing interface for now. Signed-off-by: NLoc Ho <lho@amcc.com> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Adrian-Ken Rueegsegger 提交于
This patch adds test vectors for RIPEMD-256 and RIPEMD-320 hash algorithms. The test vectors are taken from <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> Signed-off-by: NAdrian-Ken Rueegsegger <rueegsegger@swiss-it.ch> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Patrick McHardy 提交于
Check whether the destination buffer is written to beyond the last byte contained in the scatterlist. Also change IDX1 of the cross-page access offsets to a multiple of 4. This triggers a corruption in the HIFN driver and doesn't seem to negatively impact other testcases. Signed-off-by: NPatrick McHardy <kaber@trash.net> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Herbert Xu 提交于
Change logs should be kept in source control systems, not the source. This patch removes the change log from tcrpyt to stop people from extending it any more. Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Adrian-Ken Rueegsegger 提交于
This patch adds test vectors for RIPEMD-128 and RIPEMD-160 hash algorithms and digests (HMAC). The test vectors are taken from ISO:IEC 10118-3 (2004) and RFC2286. Signed-off-by: NAdrian-Ken Rueegsegger <rueegsegger@swiss-it.ch> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
- 08 7月, 2008 1 次提交
-
-
由 Darren Jenkins 提交于
Coverity CID: 2306 & 2307 RESOURCE_LEAK In the second for loop in test_cipher(), data is allocated space with kzalloc() and is only ever freed in an error case. Looking at this loop, data is written to this memory but nothing seems to read from it. So here is a patch removing the allocation, I think this is the right fix. Only compile tested. Signed-off-by: NDarren Jenkins <darrenrjenkins@gmailcom> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
- 21 4月, 2008 5 次提交
-
-
由 Kamalesh Babulal 提交于
On Thu, Mar 27, 2008 at 03:40:36PM +0100, Bodo Eggert wrote: > Kamalesh Babulal <kamalesh@linux.vnet.ibm.com> wrote: > > > This patch cleanups the crypto code, replaces the init() and fini() > > with the <algorithm name>_init/_fini > > This part ist OK. > > > or init/fini_<algorithm name> (if the > > <algorithm name>_init/_fini exist) > > Having init_foo and foo_init won't be a good thing, will it? I'd start > confusing them. > > What about foo_modinit instead? Thanks for the suggestion, the init() is replaced with <algorithm name>_mod_init () and fini () is replaced with <algorithm name>_mod_fini. Signed-off-by: NKamalesh Babulal <kamalesh@linux.vnet.ibm.com> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Kevin Coffman 提交于
Implement CTS wrapper for CBC mode required for support of AES encryption support for Kerberos (rfc3962). Signed-off-by: NKevin Coffman <kwc@citi.umich.edu> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Sebastian Siewior 提交于
The test routines (test_{cipher,hash,aead}) are makeing a copy of the test template and are processing the encryption process in place. This patch changes the creation of the copy so it will work even if the source address of the input data isn't an array inside of the template but a pointer. Signed-off-by: NSebastian Siewior <sebastian@breakpoint.cc> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Sebastian Siewior 提交于
The speed templates as it look always the same. The key size is repeated for each block size and we test always the same block size. The addition of one inner loop makes it possible to get rid of the struct and it is possible to use a tiny u8 array :) Signed-off-by: NSebastian Siewior <sebastian@breakpoint.cc> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Sebastian Siewior 提交于
Some crypto ciphers which are impleneted support similar key sizes (16,24 & 32 byte). They can be grouped together and use a common templatte instead of their own which contains the same data. Signed-off-by: NSebastian Siewior <sebastian@breakpoint.cc> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
- 11 1月, 2008 12 次提交
-
-
由 Herbert Xu 提交于
Currently the gcm(aes) tests have to be taken together with all other algorithms. This patch makes it available by itself at number 106. Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Herbert Xu 提交于
The axbuf buffer is used by test_aead and therefore should be zeroed there instead of in test_hash. Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Joy Latten 提交于
This patch adds 7 test vectors to tcrypt for CCM. The test vectors are from rfc 3610. There are about 10 more test vectors in RFC 3610 and 4 or 5 more in NIST. I can add these as time permits. I also needed to set authsize. CCM has a prerequisite of authsize. Signed-off-by: NJoy Latten <latten@austin.ibm.com> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Herbert Xu 提交于
As discussed previously, this patch moves the basic CTR functionality into a chainable algorithm called ctr. The IPsec-specific variant of it is now placed on top with the name rfc3686. So ctr(aes) gives a chainable cipher with IV size 16 while the IPsec variant will be called rfc3686(ctr(aes)). This patch also adjusts gcm accordingly. Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Tan Swee Heng 提交于
This patch adds a simple speed test for salsa20. Usage: modprobe tcrypt mode=206 Signed-of-by: NTan Swee Heng <thesweeheng@gmail.com> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Zoltan Sogor 提交于
Add LZO compression algorithm support Signed-off-by: NZoltan Sogor <weth@inf.u-szeged.hu> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Zoltan Sogor 提交于
Add common compression tester function Modify deflate test case to use the common compressor test function Signed-off-by: NZoltan Sogor <weth@inf.u-szeged.hu> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Herbert Xu 提交于
The crypto_aead convention for ICVs is to include it directly in the output. If we decided to change this in future then we would make the ICV (if the algorithm has an explicit one) available in the request itself. For now no algorithm needs this so this patch changes gcm to conform to this convention. It also adjusts the tcrypt aead tests to take this into account. Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Herbert Xu 提交于
Currently the gcm(aes) tests have to be taken together with all other ciphers. This patch makes it available by itself at number 35. Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Denis Cheng 提交于
These utilities implemented in lib/hexdump.c are more handy, please use this. Signed-off-by: NDenis Cheng <crquan@gmail.com> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Tan Swee Heng 提交于
Currently the number of entries in a cipher test vector template is limited by TVMEMSIZE/sizeof(struct cipher_testvec). This patch circumvents the problem by pointing cipher_tv to each entry in the template, rather than the template itself. Signed-off-by: NTan Swee Heng <thesweeheng@gmail.com> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Mikko Herranen 提交于
Add GCM/GMAC support to cryptoapi. GCM (Galois/Counter Mode) is an AEAD mode of operations for any block cipher with a block size of 16. The typical example is AES-GCM. Signed-off-by: NMikko Herranen <mh1@iki.fi> Reviewed-by: NMika Kukkonen <mika.kukkonen@nsn.com> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-